<?php

require_once('../include/GeneralTop.php');
require('../include/class/db.php');
require("../include/lib/fckeditor/fckeditor.php");

// Database handle used by every query in this script; the `db` class comes
// from ../include/class/db.php, required above.
$db = new db();

// Fail closed: stop before any query or output unless $pay_member is truthy.
// NOTE(review): $pay_member is not assigned in this file; presumably one of
// the required includes sets it. Confirm where it comes from.
if (!$pay_member) {
    exit('<div style="text-align:center">Permission denied...</div>');
}

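// Ownership gate for paid members: the record named by the request parameter
// `Id` must have been added by the logged-in member, otherwise stop.
//
// NOTE(review): this check reads table `happyhome` keyed by `Id`, while the
// rest of this script loads and updates table `sale` keyed by `id`
// (lower case). As written it does not examine the row that the update
// handler below modifies. The `sale` schema is not visible here; confirm
// which table and column record the owner and align the check with it.
if (MEMBER_PAID === (int)$_SESSION['MM_UserGroup']) {
    // The id is request-controlled and is concatenated into the SQL text
    // below, so it is forced to an integer first. A missing or non-numeric
    // value becomes 0, which is expected to match no row and therefore to
    // deny access.
    $pid = isset($_GET['Id']) ? $_GET['Id'] : (isset($_POST['Id']) ? $_POST['Id'] : 0);
    $pid = (int) $pid;

    $check_sql = "select add_user from happyhome where Id=".$pid;
    $check_sql_query = $db->query($check_sql);
    $check_sql_row = $db->fetch($check_sql_query);

    // Deny when no row came back as well as when the owner differs, so an
    // absent record can never compare equal to a session id of 0.
    if (empty($check_sql_row) || (int)$check_sql_row['add_user'] !== (int)$_SESSION['MM_Username_id']) {
        die('<div style="text-align:center">You have no permission to edit this pet...</div>');
    }
}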

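// Handle a submitted edit form: optionally store a replacement picture and
// its thumbnail, update the text fields of the `sale` row, then redirect back
// to this page so a reload does not resubmit the form.
if (isset($_POST["submit"])) {
    // NOTE(review): nothing in this handler ties $_POST['id'] to the
    // logged-in member. The ownership check earlier in this file reads
    // `happyhome` keyed by the request parameter `Id`, whereas the UPDATEs
    // below write `sale` keyed by $_POST['id'], so that check does not cover
    // the row edited here. The form also carries no anti-CSRF token. Both
    // points need confirming against code that is not visible from this file.

    //handle pics
    /*********************BEGIN*************************/
    $sub_folder = date("Y-m-d");
    $savePath = IMAGES_SALE_SAVE_FOLDER.'/'.$sub_folder;

    // The picture is optional; with no file selected only the text fields are
    // updated. The image is inspected only inside this branch, so a text-only
    // update no longer calls getimagesize() on an empty path.
    $update_pic = false;
    if (isset($_FILES['pic']) && '' != $_FILES['pic']['name']) {
        $tmpPath = $_FILES['pic']['tmp_name'];

        // Inspect only a file that PHP itself received in this request. A
        // failed or partial upload leaves $trueType empty and is rejected by
        // the format check below.
        $fileTemp = is_uploaded_file($tmpPath) ? getimagesize($tmpPath) : false;
        $trueType = (false !== $fileTemp) ? $fileTemp['mime'] : '';
        $fileSizeAll = $_FILES['pic']['size'];

        // The stored extension is derived from the detected image type, never
        // from the client-supplied file name, so an upload cannot be saved
        // under an extension the web server might treat as a script.
        $extByMime = array(
            'image/png'  => 'png',
            'image/jpeg' => 'jpg',
            'image/gif'  => 'gif',
        );

        // $typeArray and $pic_size_limit are not defined in this file;
        // presumably they come from the required includes.
        if (!in_array($trueType, $typeArray, true) || !isset($extByMime[$trueType])) {
            echo '<div align="center">The format of the pics you uploaded is not png,jpg,jpeg,gif, please upload again</div>';
            die();
        }
        if ($fileSizeAll > $pic_size_limit * 1024) {
            echo '<div align="center">The size of the pics you uploaded exceed limitation, please upload another one</div>';
            die();
        }

        // Create the dated sub-folder on demand; the second is_dir() covers a
        // concurrent request that created it first.
        if (!is_dir($savePath) && !mkdir($savePath, 0755, true) && !is_dir($savePath)) {
            echo '<div align="center">Failed to save the uploaded picture, please try again</div>';
            die();
        }

        //first pic
        // Server-generated name. The original added a random number to the
        // temp path with `+`, which is arithmetic on a non-numeric string;
        // the name only has to be unique, so build it from uniqid().
        $fileId = md5(uniqid((string) mt_rand(), true));
        $extension = $extByMime[$trueType];
        $imageName = $fileId;
        $imageFullName = $savePath.'/'.$imageName.'.'.$extension;
        $file_name = '/'.$sub_folder.'/'.$imageName.'.'.$extension;
        if (!move_uploaded_file($tmpPath, $imageFullName)) {
            // Do not point the database at a file that was never written.
            echo '<div align="center">Failed to save the uploaded picture, please try again</div>';
            die();
        }

        //generate thumb of first pic
        $imageName_t = $fileId.'_t';
        $imageFullName_t = $savePath.'/'.$imageName_t.'.'.$extension;
        $file_name_t = '/'.$sub_folder.'/'.$imageName_t.'.'.$extension;
        generateImages($trueType, $imageFullName, PIC_THUMB_WIDTH, PIC_THUMB_HEIGHT, $imageFullName_t);

        $update_pic = true;
    }
    /*********************END**************************/

    // Text fields. Every value goes through GetSQLValueString() (defined
    // outside this file) before it is placed in the statement.
    $updateSQL = sprintf("UPDATE sale SET name=%s, price=%s, intro=%s 
								WHERE id=%s",
                       GetSQLValueString($_POST['sname'], "text"),
                       GetSQLValueString($_POST['price'], "text"),
                       GetSQLValueString(stripslashes($_POST['FCKeditor1']), "text"),
                       GetSQLValueString($_POST['id'], "int"));
    $db->query($updateSQL);

    // Only the thumbnail path is stored in the `pic` column.
    if ($update_pic) {
        $update_pic1_sql = sprintf("UPDATE sale SET pic=%s 
									 WHERE id=%s",
                           GetSQLValueString($file_name_t, "text"),
                           GetSQLValueString($_POST['id'], "int"));
        $db->query($update_pic1_sql);
    }

    // The id is cast so only a number reaches the Location header, and the
    // script stops here instead of rendering the page behind the redirect.
    header("location:".$_SERVER['PHP_SELF']."?result=suc&id=".(int) $_POST['id']);
    exit;
}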

// Pick the record to show: the `id` query parameter when present, otherwise
// "-1".
$id = isset($_GET['id']) ? $_GET['id'] : "-1";

// Load the row that pre-fills the form. The id is passed through
// GetSQLValueString() with type "int" before it enters the statement.
$sql = sprintf("SELECT * FROM sale WHERE id = %s", GetSQLValueString($id, "int"));
$res = $db->query($sql);
$row = $db->fetch($res);

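// Render the admin panel and the edit form for the `sale` row held in $row.
// Every value written into the markup is escaped where it is output. That
// includes PHP_SELF, which reflects the request path and was previously
// echoed raw into the form's action attribute.
include('AdminPanel.php');
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Untitled Document</title>
</head>

<body>
<form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8'); ?>" enctype="multipart/form-data" method="post" name="form1" id="form1">
  <table align="center" width="60%">
    <?php
    // Success banner, shown after the redirect that follows a saved update.
    // isset() avoids an undefined-index notice on a plain page load.
    if (isset($_GET['result']) && 'suc' === $_GET['result']) {
    ?>
    <tr valign="baseline">
      <td colspan="2" nowrap="nowrap" align="center"><font color="green">更新成功...</font></td>
    </tr>
    <?php
    }
    ?>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">id:</td>
      <td><?php echo htmlentities($row['id'], ENT_COMPAT, 'utf-8'); ?></td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">名称:</td>
      <td><input type="text" name="sname" value="<?php echo htmlentities($row['name'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
    </tr>
    <tr valign="baseline">
      <td align="right" nowrap="nowrap" valign="top">照片:</td>
      <td><input type="file" name="pic" /> (列表页图，会自动生成缩略图，不传就是不修改)</td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">价格:</td>
      <td><input type="text" name="price" value="<?php echo htmlentities($row['price'], ENT_COMPAT, 'utf-8'); ?>" size="32" /></td>
    </tr> 
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">物品介绍:</td>
      <td>
      <?php
	  // Rich-text editor for the description; it posts back as `FCKeditor1`.
	  // NOTE(review): how FCKeditor encodes Value on output is not visible
	  // in this file; confirm it escapes the stored HTML.
	  $oFCKeditor = new FCKeditor('FCKeditor1') ;
	  $oFCKeditor->BasePath = FCKEDITOR_BASE_PATH;
	  $oFCKeditor->Height = 400;
	  $oFCKeditor->Value = $row['intro'];
	  $oFCKeditor->Create();
	  ?>
      </td>
    </tr>
    <tr valign="baseline">
      <td nowrap="nowrap" align="right">&nbsp;</td>
      <td>
      	<input type="submit" id="submit" name="submit" value="Update record" />&nbsp;&nbsp;
        <input type="button" id="button" onclick="window.location.href='showSaleOfWork.php'" value="Back">
      </td>
    </tr>
  </table>
  <input type="hidden" name="id" value="<?php echo htmlentities($row['id'], ENT_COMPAT, 'utf-8'); ?>" />
</form>
<p>&nbsp;</p>
</body>
</html>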